Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/kMawLGf0pUMw8NHh8wN4SdiPvO8.roa
File: kMawLGf0pUMw8NHh8wN4SdiPvO8.roa (raw, json)
Hash identifier: BDAHfDtj0vljlXXQC8dwv9gTCK/GsVd+xyduLJ7e6jw=
Subject key identifier: 90:C6:B0:2C:67:F4:A5:43:30:F0:D1:E1:F3:03:78:49:D8:8F:BC:EF
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 018CC56DF7C113DA767174C221F9FFAD4D6B
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/kMawLGf0pUMw8NHh8wN4SdiPvO8.roa
Signing time: Mon 01 Jan 2024 14:29:27 +0000
ROA not before: Mon 01 Jan 2024 14:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397630
IP address blocks: 85.115.208.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jan 2024 07:19:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f7:c1:13:da:76:71:74:c2:21:f9:ff:ad:4d:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jan 1 14:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90c6b02c67f4a54330f0d1e1f3037849d88fbcef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:dc:37:e9:9d:95:b4:d4:0f:13:23:ae:7b:d2:
c6:ac:00:e8:ee:99:65:d1:2f:d4:55:20:64:2e:6d:
7e:cd:0d:0f:6b:28:41:3b:87:bd:c3:61:15:25:15:
73:2c:dd:02:c6:4d:0f:98:6d:f5:25:f8:b8:e2:a8:
df:d9:b6:9c:54:7d:7e:4c:bc:86:ef:ad:f2:67:f8:
8d:cb:98:17:1f:84:1a:f6:2e:04:01:a8:e5:74:62:
5f:4f:2b:36:8f:e5:76:a0:f1:a7:29:83:ad:ff:ac:
80:71:69:aa:a6:0e:7d:4f:62:24:85:ed:91:48:53:
1b:3a:24:85:83:5b:72:f2:b2:35:20:1d:5d:a4:4c:
95:ec:c4:5a:75:5a:16:cd:5f:c4:5f:f0:92:e5:ad:
8d:e4:4f:3c:ff:37:d9:cc:67:49:59:4c:9f:78:f3:
83:6d:56:5f:74:8d:4d:8d:a1:88:ea:e5:1b:8e:8d:
d5:bf:33:b8:14:26:e1:20:da:5b:35:d8:b9:54:fa:
2b:00:9a:e1:82:08:d0:cb:11:69:9e:64:ca:5c:d9:
37:4a:04:33:59:24:fa:30:60:53:5e:d5:58:79:2e:
86:71:34:92:ff:7c:d8:ee:4d:f0:85:f1:93:a2:fe:
84:42:2c:b1:62:70:19:51:d0:e7:cc:77:e8:ca:d7:
2b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:C6:B0:2C:67:F4:A5:43:30:F0:D1:E1:F3:03:78:49:D8:8F:BC:EF
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/kMawLGf0pUMw8NHh8wN4SdiPvO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/24
Signature Algorithm: sha256WithRSAEncryption
71:92:c6:2b:e1:81:96:4f:da:91:87:91:d1:a4:8e:78:d5:2a:
19:9e:5c:02:61:fb:6e:50:53:43:30:42:6b:87:c2:6f:7f:04:
78:3f:36:65:37:66:9e:5e:67:87:db:70:81:d7:77:9e:b9:17:
d6:2a:43:b2:6e:39:c3:4a:d2:3a:f9:ad:9b:96:3c:aa:d8:e2:
c7:ec:b2:86:8a:bc:60:22:a8:44:a3:dc:65:0d:77:b8:d6:28:
51:2e:0a:5f:ba:86:c8:20:a5:67:fc:56:a9:9c:d7:d3:a7:63:
1b:e1:8f:0f:5e:c2:e1:fb:b6:e2:0f:76:5f:02:04:87:11:27:
4c:7d:a4:99:b6:af:fb:59:11:29:54:c6:18:3e:ca:c0:36:f4:
b7:51:77:f0:25:24:39:df:f5:17:dd:f4:07:40:3b:1e:35:4a:
20:4f:71:74:e7:c5:f4:cb:71:1c:a2:e9:ae:02:bd:05:d2:ad:
b3:11:ce:52:57:4d:69:7b:a0:15:4c:dc:e7:34:59:5d:3c:b9:
2d:f4:19:45:6e:ca:ef:d5:c0:e2:4f:3e:94:93:04:2c:aa:38:
8c:f9:2d:a1:6f:44:ef:e9:20:71:19:b7:c7:5b:32:c2:84:94:
7a:83:8c:51:9c:bb:ab:e2:9e:7e:29:0f:e5:01:b2:9b:09:a1:
7c:ff:6f:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbffBE9p2cXTCIfn/rU1rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQwMTAxMTQyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGM2YjAyYzY3ZjRhNTQzMzBmMGQxZTFmMzAzNzg0OWQ4OGZiY2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtw36Z2VtNQPEyOue9LGrADo7pll
0S/UVSBkLm1+zQ0PayhBO4e9w2EVJRVzLN0Cxk0PmG31Jfi44qjf2bacVH1+TLyG
763yZ/iNy5gXH4Qa9i4EAajldGJfTys2j+V2oPGnKYOt/6yAcWmqpg59T2Ikhe2R
SFMbOiSFg1ty8rI1IB1dpEyV7MRadVoWzV/EX/CS5a2N5E88/zfZzGdJWUyfePOD
bVZfdI1NjaGI6uUbjo3VvzO4FCbhINpbNdi5VPorAJrhggjQyxFpnmTKXNk3SgQz
WST6MGBTXtVYeS6GcTSS/3zY7k3whfGTov6EQiyxYnAZUdDnzHfoytcrsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJDGsCxn9KVDMPDR4fMDeEnYj7zvMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEva01hd0xHZjBwVU13OE5IaDh3TjRTZGlQdk84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVXPQMA0G
CSqGSIb3DQEBCwUAA4IBAQBxksYr4YGWT9qRh5HRpI541SoZnlwCYftuUFNDMEJr
h8JvfwR4PzZlN2aeXmeH23CB13eeuRfWKkOybjnDStI6+a2bljyq2OLH7LKGirxg
IqhEo9xlDXe41ihRLgpfuobIIKVn/FapnNfTp2Mb4Y8PXsLh+7biD3ZfAgSHESdM
faSZtq/7WREpVMYYPsrANvS3UXfwJSQ53/UX3fQHQDseNUogT3F058X0y3Ecoumu
Ar0F0q2zEc5SV01pe6AVTNznNFldPLkt9BlFbsrv1cDiTz6UkwQsqjiM+S2hb0Tv
6SBxGbfHWzLChJR6g4xRnLur4p5+KQ/lAbKbCaF8/29m
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:06 2024 by rpki-client on console-fra.rpki-client.org